Für den produktiven Einsatz von QKD ist die Sicherheit des Quantennetzes essentiell. Im Arbeitspaket Sicherheitsanalysen werden deshalb verschiedene Netzkomponenten und ihr Zusammenspiel in Hinblick auf die IT-Sicherheit der Hard- und Software untersucht.
Als Basis zur Identifizierung möglicher Einfallstore im MuQuaNet und zum Überblick über bestehende Lösungen dient eine Literaturrecherche der TÜV Informationstechnik GmbH:

MuQuaNet – Infrastructure security analysis

Quantum key distribution (QKD) allows two parties to establish a secret key inherently secure due to the laws of quantum mechanics. In theory, an attacker thus cannot eavesdrop on the communication without being detected. However, security proofs for QKD are based on assumptions that do not take into account imperfections of actual QKD devices. Furthermore, QKD devices have to be integrated into larger networks, resulting in additional challenges.

First commercial QKD solutions have already been developed. In order to gain experience with actual network infrastuctures using QKD, the MuQuaNet research project has been established. The MuQuaNet is a QKD test infrastructure in the Munich area that aims at connecting various locations using QKD devices from different vendors and based on different protocols. Thus, realistic network scenarios can be explored.

In the context of this report, TÜV Informationstechnik GmbH conducted a theoretical analysis of a certain communication scenario relevant in the MuQuaNet. As a result, this document sums up attack vectors relevant not only for the QKD devices themselves but also additional (classical) components of the network.

In order to use QKD in governmental use-cases, certified and tested solutions are required. As a pre-requisite, a precise understanding of network components and their interaction is required. This report aims at identifying areas for future research regarding attacks on QKD, so that remaining loopholes might be identified and closed.

Read the full analysis...